Fossil SCM

Additional tweaks to the wiki/ticket editing logic with moderation control.

drh 2012-11-02 02:26 UTC moderation

Commit d3d094ff55d9ab853a6d72a11e2ab28bba07856a

Parent 628c402414e3d47…

4 files changed +12 -9 +7 -5 +8 -3 +3

~ src/attach.c ~ src/th_main.c ~ src/tktsetup.c ~ src/wiki.c

M src/attach.c

+12 -9

		--- src/attach.c
		+++ src/attach.c
		@@ -361,11 +361,11 @@
361	361	const char zMime; / MIME Type */
362	362	Blob attach; /* Content of the attachment */
363	363	int wantToDelete = P("del")!=0;/* Want to delete */
364	364
365	365	login_check_credentials();
366		- if( !g.perm.Attach ){ login_needed(); return; }
	366	+ if( !g.perm.RdTkt && !g.perm.RdWiki ){ login_needed(); return; }
367	367	rid = name_to_rid_www("name");
368	368	if( rid==0 ){ fossil_redirect_home(); }
369	369	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
370	370	#if 0
371	371	/* Shunning here needs to get both the attachment control artifact and
		@@ -389,12 +389,20 @@
389	389	zDesc = pAttach->zComment;
390	390	if( validate16(zTarget, strlen(zTarget))
391	391	&& db_exists("SELECT 1 FROM ticket WHERE tkt_uuid='%s'", zTarget)
392	392	){
393	393	zTktUuid = zTarget;
	394	+ if( !g.perm.RdTkt ){ login_needed(); return; }
	395	+ if( g.perm.WrTkt ){
	396	+ style_submenu_element("Delete","Delete","%R/ainfo/%s?del", zUuid);
	397	+ }
394	398	}else if( db_exists("SELECT 1 FROM tag WHERE tagname='wiki-%q'",zTarget) ){
395	399	zWikiName = zTarget;
	400	+ if( !g.perm.RdWiki ){ login_needed(); return; }
	401	+ if( g.perm.WrWiki ){
	402	+ style_submenu_element("Delete","Delete","%R/ainfo/%s?del", zUuid);
	403	+ }
396	404	}
397	405	zDate = db_text(0, "SELECT datetime(%.12f)", pAttach->rDate);
398	406
399	407	if( P("confirm")
400	408	&& ((zTktUuid && g.perm.WrTkt) \|\| (zWikiName && g.perm.WrWiki))
		@@ -463,20 +471,14 @@
463	471	@ <span class="modpending">* Awaiting Moderator Approval *</span>
464	472	}
465	473	if( zTktUuid ){
466	474	@ <tr><th>Ticket:</th>
467	475	@ <td>%z(href("%R/tktview/%s",zTktUuid))%s(zTktUuid)</a></td></tr>
468		- if( g.perm.WrTkt ){
469		- style_submenu_element("Delete","Delete","%R/ainfo/%s?del", zUuid);
470		- }
471	476	}
472	477	if( zWikiName ){
473	478	@ <tr><th>Wiki Page:</th>
474	479	@ <td>%z(href("%R/wiki?name=%t",zWikiName))%h(zWikiName)</a></td></tr>
475		- if( g.perm.WrWiki ){
476		- style_submenu_element("Delete","Delete","%R/ainfo/%s?del", zUuid);
477		- }
478	480	}
479	481	@ <tr><th>Date:</th><td>
480	482	hyperlink_to_date(zDate, "</td></tr>");
481	483	free(zDate);
482	484	@ <tr><th>User:</th><td>
		@@ -544,11 +546,11 @@
544	546	){
545	547	int cnt = 0;
546	548	Stmt q;
547	549	db_prepare(&q,
548	550	"SELECT datetime(mtime,'localtime'), filename, user,"
549		- " (SELECT uuid FROM blob WHERE rid=attachid)"
	551	+ " (SELECT uuid FROM blob WHERE rid=attachid), src"
550	552	" FROM attachment"
551	553	" WHERE isLatest AND src!='' AND target=%Q"
552	554	" ORDER BY mtime DESC",
553	555	zTarget
554	556	);
		@@ -555,16 +557,17 @@
555	557	while( db_step(&q)==SQLITE_ROW ){
556	558	const char *zDate = db_column_text(&q, 0);
557	559	const char *zFile = db_column_text(&q, 1);
558	560	const char *zUser = db_column_text(&q, 2);
559	561	const char *zUuid = db_column_text(&q, 3);
	562	+ const char *zSrc = db_column_text(&q, 4);
560	563	if( cnt==0 ){
561	564	@ %s(zHeader)
562	565	}
563	566	cnt++;
564	567	@ <li>
565		- @ %z(href("%R/artifact/%s",zUuid))%h(zFile)</a>
	568	+ @ %z(href("%R/artifact/%s",zSrc))%h(zFile)</a>
566	569	@ added by %h(zUser) on
567	570	hyperlink_to_date(zDate, ".");
568	571	@ [%z(href("%R/ainfo/%s",zUuid))details</a>]
569	572	@ </li>
570	573	}
571	574

	--- src/attach.c
	+++ src/attach.c
	@@ -361,11 +361,11 @@
361	const char zMime; / MIME Type */
362	Blob attach; /* Content of the attachment */
363	int wantToDelete = P("del")!=0;/* Want to delete */
364
365	login_check_credentials();
366	if( !g.perm.Attach ){ login_needed(); return; }
367	rid = name_to_rid_www("name");
368	if( rid==0 ){ fossil_redirect_home(); }
369	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
370	#if 0
371	/* Shunning here needs to get both the attachment control artifact and
	@@ -389,12 +389,20 @@
389	zDesc = pAttach->zComment;
390	if( validate16(zTarget, strlen(zTarget))
391	&& db_exists("SELECT 1 FROM ticket WHERE tkt_uuid='%s'", zTarget)
392	){
393	zTktUuid = zTarget;




394	}else if( db_exists("SELECT 1 FROM tag WHERE tagname='wiki-%q'",zTarget) ){
395	zWikiName = zTarget;




396	}
397	zDate = db_text(0, "SELECT datetime(%.12f)", pAttach->rDate);
398
399	if( P("confirm")
400	&& ((zTktUuid && g.perm.WrTkt) \|\| (zWikiName && g.perm.WrWiki))
	@@ -463,20 +471,14 @@
463	@ <span class="modpending">* Awaiting Moderator Approval *</span>
464	}
465	if( zTktUuid ){
466	@ <tr><th>Ticket:</th>
467	@ <td>%z(href("%R/tktview/%s",zTktUuid))%s(zTktUuid)</a></td></tr>
468	if( g.perm.WrTkt ){
469	style_submenu_element("Delete","Delete","%R/ainfo/%s?del", zUuid);
470	}
471	}
472	if( zWikiName ){
473	@ <tr><th>Wiki Page:</th>
474	@ <td>%z(href("%R/wiki?name=%t",zWikiName))%h(zWikiName)</a></td></tr>
475	if( g.perm.WrWiki ){
476	style_submenu_element("Delete","Delete","%R/ainfo/%s?del", zUuid);
477	}
478	}
479	@ <tr><th>Date:</th><td>
480	hyperlink_to_date(zDate, "</td></tr>");
481	free(zDate);
482	@ <tr><th>User:</th><td>
	@@ -544,11 +546,11 @@
544	){
545	int cnt = 0;
546	Stmt q;
547	db_prepare(&q,
548	"SELECT datetime(mtime,'localtime'), filename, user,"
549	" (SELECT uuid FROM blob WHERE rid=attachid)"
550	" FROM attachment"
551	" WHERE isLatest AND src!='' AND target=%Q"
552	" ORDER BY mtime DESC",
553	zTarget
554	);
	@@ -555,16 +557,17 @@
555	while( db_step(&q)==SQLITE_ROW ){
556	const char *zDate = db_column_text(&q, 0);
557	const char *zFile = db_column_text(&q, 1);
558	const char *zUser = db_column_text(&q, 2);
559	const char *zUuid = db_column_text(&q, 3);

560	if( cnt==0 ){
561	@ %s(zHeader)
562	}
563	cnt++;
564	@ <li>
565	@ %z(href("%R/artifact/%s",zUuid))%h(zFile)</a>
566	@ added by %h(zUser) on
567	hyperlink_to_date(zDate, ".");
568	@ [%z(href("%R/ainfo/%s",zUuid))details</a>]
569	@ </li>
570	}
571

	--- src/attach.c
	+++ src/attach.c
	@@ -361,11 +361,11 @@
361	const char zMime; / MIME Type */
362	Blob attach; /* Content of the attachment */
363	int wantToDelete = P("del")!=0;/* Want to delete */
364
365	login_check_credentials();
366	if( !g.perm.RdTkt && !g.perm.RdWiki ){ login_needed(); return; }
367	rid = name_to_rid_www("name");
368	if( rid==0 ){ fossil_redirect_home(); }
369	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
370	#if 0
371	/* Shunning here needs to get both the attachment control artifact and
	@@ -389,12 +389,20 @@
389	zDesc = pAttach->zComment;
390	if( validate16(zTarget, strlen(zTarget))
391	&& db_exists("SELECT 1 FROM ticket WHERE tkt_uuid='%s'", zTarget)
392	){
393	zTktUuid = zTarget;
394	if( !g.perm.RdTkt ){ login_needed(); return; }
395	if( g.perm.WrTkt ){
396	style_submenu_element("Delete","Delete","%R/ainfo/%s?del", zUuid);
397	}
398	}else if( db_exists("SELECT 1 FROM tag WHERE tagname='wiki-%q'",zTarget) ){
399	zWikiName = zTarget;
400	if( !g.perm.RdWiki ){ login_needed(); return; }
401	if( g.perm.WrWiki ){
402	style_submenu_element("Delete","Delete","%R/ainfo/%s?del", zUuid);
403	}
404	}
405	zDate = db_text(0, "SELECT datetime(%.12f)", pAttach->rDate);
406
407	if( P("confirm")
408	&& ((zTktUuid && g.perm.WrTkt) \|\| (zWikiName && g.perm.WrWiki))
	@@ -463,20 +471,14 @@
471	@ <span class="modpending">* Awaiting Moderator Approval *</span>
472	}
473	if( zTktUuid ){
474	@ <tr><th>Ticket:</th>
475	@ <td>%z(href("%R/tktview/%s",zTktUuid))%s(zTktUuid)</a></td></tr>



476	}
477	if( zWikiName ){
478	@ <tr><th>Wiki Page:</th>
479	@ <td>%z(href("%R/wiki?name=%t",zWikiName))%h(zWikiName)</a></td></tr>



480	}
481	@ <tr><th>Date:</th><td>
482	hyperlink_to_date(zDate, "</td></tr>");
483	free(zDate);
484	@ <tr><th>User:</th><td>
	@@ -544,11 +546,11 @@
546	){
547	int cnt = 0;
548	Stmt q;
549	db_prepare(&q,
550	"SELECT datetime(mtime,'localtime'), filename, user,"
551	" (SELECT uuid FROM blob WHERE rid=attachid), src"
552	" FROM attachment"
553	" WHERE isLatest AND src!='' AND target=%Q"
554	" ORDER BY mtime DESC",
555	zTarget
556	);
	@@ -555,16 +557,17 @@
557	while( db_step(&q)==SQLITE_ROW ){
558	const char *zDate = db_column_text(&q, 0);
559	const char *zFile = db_column_text(&q, 1);
560	const char *zUser = db_column_text(&q, 2);
561	const char *zUuid = db_column_text(&q, 3);
562	const char *zSrc = db_column_text(&q, 4);
563	if( cnt==0 ){
564	@ %s(zHeader)
565	}
566	cnt++;
567	@ <li>
568	@ %z(href("%R/artifact/%s",zSrc))%h(zFile)</a>
569	@ added by %h(zUser) on
570	hyperlink_to_date(zDate, ".");
571	@ [%z(href("%R/ainfo/%s",zUuid))details</a>]
572	@ </li>
573	}
574

M src/th_main.c

+7 -5

		--- src/th_main.c
		+++ src/th_main.c
		@@ -192,11 +192,11 @@
192	192	free(zOut);
193	193	return TH_OK;
194	194	}
195	195
196	196	/*
197		-** TH command: hascap STRING
	197	+** TH command: hascap STRING...
198	198	**
199	199	** Return true if the user has all of the capabilities listed in STRING.
200	200	*/
201	201	static int hascapCmd(
202	202	Th_Interp *interp,
		@@ -203,15 +203,17 @@
203	203	void *p,
204	204	int argc,
205	205	const char **argv,
206	206	int *argl
207	207	){
208		- int rc;
209		- if( argc!=2 ){
210		- return Th_WrongNumArgs(interp, "hascap STRING");
	208	+ int rc = 0, i;
	209	+ if( argc<2 ){
	210	+ return Th_WrongNumArgs(interp, "hascap STRING ...");
211	211	}
212		- rc = login_has_capability((char*)argv[1],argl[1]);
	212	+ for(i=1; i<argc && rc==0; i++){
	213	+ rc = login_has_capability((char*)argv[i],argl[i]);
	214	+ }
213	215	if( g.thTrace ){
214	216	Th_Trace("[hascap %#h] => %d<br />\n", argl[1], argv[1], rc);
215	217	}
216	218	Th_SetResultInt(interp, rc);
217	219	return TH_OK;
218	220

	--- src/th_main.c
	+++ src/th_main.c
	@@ -192,11 +192,11 @@
192	free(zOut);
193	return TH_OK;
194	}
195
196	/*
197	** TH command: hascap STRING
198	**
199	** Return true if the user has all of the capabilities listed in STRING.
200	*/
201	static int hascapCmd(
202	Th_Interp *interp,
	@@ -203,15 +203,17 @@
203	void *p,
204	int argc,
205	const char **argv,
206	int *argl
207	){
208	int rc;
209	if( argc!=2 ){
210	return Th_WrongNumArgs(interp, "hascap STRING");
211	}
212	rc = login_has_capability((char*)argv[1],argl[1]);


213	if( g.thTrace ){
214	Th_Trace("[hascap %#h] => %d<br />\n", argl[1], argv[1], rc);
215	}
216	Th_SetResultInt(interp, rc);
217	return TH_OK;
218

	--- src/th_main.c
	+++ src/th_main.c
	@@ -192,11 +192,11 @@
192	free(zOut);
193	return TH_OK;
194	}
195
196	/*
197	** TH command: hascap STRING...
198	**
199	** Return true if the user has all of the capabilities listed in STRING.
200	*/
201	static int hascapCmd(
202	Th_Interp *interp,
	@@ -203,15 +203,17 @@
203	void *p,
204	int argc,
205	const char **argv,
206	int *argl
207	){
208	int rc = 0, i;
209	if( argc<2 ){
210	return Th_WrongNumArgs(interp, "hascap STRING ...");
211	}
212	for(i=1; i<argc && rc==0; i++){
213	rc = login_has_capability((char*)argv[i],argl[i]);
214	}
215	if( g.thTrace ){
216	Th_Trace("[hascap %#h] => %d<br />\n", argl[1], argv[1], rc);
217	}
218	Th_SetResultInt(interp, rc);
219	return TH_OK;
220

M src/tktsetup.c

+8 -3

		--- src/tktsetup.c
		+++ src/tktsetup.c
		@@ -595,13 +595,18 @@
595	595	@ <ol>
596	596	@ <th1>html $report_items</th1>
597	597	@ </ol>
598	598	@
599	599	@ <th1>
600		-@ if {[hascap t]} {
601		-@ html "<p>Create a new ticket display format:</p>"
602		-@ html "<ul><li><a href='rptnew'>New report format</a></li></ul>"
	600	+@ if {[hascap t q]} {
	601	+@ html "<p>Other options:</p>\n<ul>\n"
	602	+@ if {[hascap t]} {
	603	+@ html "<li><a href='rptnew'>New report format</a></li>\n"
	604	+@ }
	605	+@ if {[hascap q]} {
	606	+@ html "<li><a href='modreq'>Tend to pending moderation requests</a></li>\n"
	607	+@ }
603	608	@ }
604	609	@ </th1>
605	610	;
606	611
607	612	/*
608	613

	--- src/tktsetup.c
	+++ src/tktsetup.c
	@@ -595,13 +595,18 @@
595	@ <ol>
596	@ <th1>html $report_items</th1>
597	@ </ol>
598	@
599	@ <th1>
600	@ if {[hascap t]} {
601	@ html "<p>Create a new ticket display format:</p>"
602	@ html "<ul><li><a href='rptnew'>New report format</a></li></ul>"





603	@ }
604	@ </th1>
605	;
606
607	/*
608

	--- src/tktsetup.c
	+++ src/tktsetup.c
	@@ -595,13 +595,18 @@
595	@ <ol>
596	@ <th1>html $report_items</th1>
597	@ </ol>
598	@
599	@ <th1>
600	@ if {[hascap t q]} {
601	@ html "<p>Other options:</p>\n<ul>\n"
602	@ if {[hascap t]} {
603	@ html "<li><a href='rptnew'>New report format</a></li>\n"
604	@ }
605	@ if {[hascap q]} {
606	@ html "<li><a href='modreq'>Tend to pending moderation requests</a></li>\n"
607	@ }
608	@ }
609	@ </th1>
610	;
611
612	/*
613

M src/wiki.c

		--- src/wiki.c
		+++ src/wiki.c
		@@ -158,10 +158,13 @@
158	158	@ <li> Create a %z(href("%R/eventedit"))new event</a>.</li>
159	159	}
160	160	}
161	161	@ <li> %z(href("%R/wcontent"))List of All Wiki Pages</a>
162	162	@ available on this server.</li>
	163	+ if( g.perm.ModWiki ){
	164	+ @ <li> %z(href("%R/modreq"))Tend to pending moderation requests</a></li>
	165	+ }
163	166	@ <li> <form method="get" action="%s(g.zTop)/wfind"><div>
164	167	@ Search wiki titles: <input type="text" name="title"/>
165	168	@   <input type="submit" /></div></form>
166	169	@ </li>
167	170	@ </ul>
168	171

	--- src/wiki.c
	+++ src/wiki.c
	@@ -158,10 +158,13 @@
158	@ <li> Create a %z(href("%R/eventedit"))new event</a>.</li>
159	}
160	}
161	@ <li> %z(href("%R/wcontent"))List of All Wiki Pages</a>
162	@ available on this server.</li>



163	@ <li> <form method="get" action="%s(g.zTop)/wfind"><div>
164	@ Search wiki titles: <input type="text" name="title"/>
165	@   <input type="submit" /></div></form>
166	@ </li>
167	@ </ul>
168

	--- src/wiki.c
	+++ src/wiki.c
	@@ -158,10 +158,13 @@
158	@ <li> Create a %z(href("%R/eventedit"))new event</a>.</li>
159	}
160	}
161	@ <li> %z(href("%R/wcontent"))List of All Wiki Pages</a>
162	@ available on this server.</li>
163	if( g.perm.ModWiki ){
164	@ <li> %z(href("%R/modreq"))Tend to pending moderation requests</a></li>
165	}
166	@ <li> <form method="get" action="%s(g.zTop)/wfind"><div>
167	@ Search wiki titles: <input type="text" name="title"/>
168	@   <input type="submit" /></div></form>
169	@ </li>
170	@ </ul>
171

Fossil SCM

Keyboard Shortcuts